the second payment services directive · 1 see apia t hermida (2018), “las tecnofinanzas...

the secoNd paymeNt services directive

alberto Javier tapia hermida (*)

this article is the exclusive responsibility of the author and does not necessarily reflect the opinion of the banco de españa or the eurosystem.

(*) alberto Javier tapia hermida, professor of mercantile law, universidad complutense de madrid.

BANCO DE ESPAÑA 59 FINANCIAL STABILITY REVIEW, ISSUE 35

THE SECOND PAYMENT SERVICES DIRECTIVE

this study offers a succinct overview, from a legal and regulatory standpoint of directive

(eu) 2015/2366 on payment services (psd2). it begins by describing the general aspects

of the psd2 within its considerable geographical, transitional, regulatory framework of

reference together with its legislative policy purpose and its regulatory background. Next

the study sets out the regulatory structure of payment services in the eu under the psd2

which consists of the parties involved, namely the different types of service providers and

users, and defined payment services, which are classified by identifying those that are

included and those that are excluded. the study is completed with a description of how

payment services function in the eu under the psd2, starting with the proper identification

of the agreements arising from those services, followed by a description of the rules on

transparency and the legal status of the parties involved comprising their rights and

obligations when payment transactions are authorised and carried out.

the implementation of new european regulations on different financial market aspects,

which notably impact intermediaries as well as customers and investors, has been

particularly prolific in 2018 and, in particular, in January 2018. specifically, those rules have

affected the banking market and, within it, payments systems and mechanisms.

We can classify the financial regulatory impacts into two categories:

a) regulation of the banking market was changed significantly by the entry into

force on 25 November 2017 of the rules on bank accounts and the comparability

of fees set forth in directive 2014/92/eu of the european parliament and of

the council of 23 July 2014 on the comparability of fees related to payment

accounts, payment account switching and access to payment accounts with

basic features,1 which was transposed into spanish law by royal decree-law

19/2017 of 24 November 2017 on payment accounts with basic features,

payment account switching and the comparability of fees.2

b) regulation of the securities market was profoundly affected by the entry into

force on 3 January 2018, of mifid ii, comprising directive 2014/65/eu of the

european parliament and of the council of 15 may 2014 on markets in financial

instruments (mifid ii) and by regulation (eu) No. 600/2014 of the european

parliament and of the council of 15 may 2014 on markets in financial

instruments and amending regulation (eu) No. 648/2012 (mifir). mifid ii has

been partially transposed into spanish law by royal decree-law 21/2017 of

29 december 2017 on urgent measures for the adaptation of spanish law to

european union regulations on the securities market.3

1 OJEU of 28.8.2014.2 Official State Gazette No. 287, of 25 November 2017. see tapia hermida (2018), “la nueva regulación de las

cuentas de pago en la unión europea. la directiva 2014/92/ue y su trasposición al ordenamiento español mediante el real decreto-ley 19/2017”, La Ley Unión Europea, No. 56, 28 february.

3 Official State Gazette No. 317, of 30 december 2017. see tapia hermida (2018), “la aplicación de la normativa mifid ii desde el 3 de enero de 2018 y su trasposición al ordenamiento español”, Revista de Derecho Bancario y Bursátil (rdbb), No. 149, pp. 187-202.

Summary

1 Introduction: the PSD2 within the financial regulatory tsunami of 2018


the landscape which we have just described of new european regulations governing

different aspects of the financial market was completed with the implementation – as from

13 January 2018 – of directive (eu) 2015/2366 of the european parliament and of the

council of 25 November 2015 on payment services in the internal market, amending

directives 2002/65/ec, 2009/110/ec and 2013/36/eu and regulation (eu) No. 1093/2010,

and repealing directive 2007/64/ec (psd2).4 article 115 of the psd2 on its transposition

states that, “by 13 January 2018, member states shall adopt and publish the measures

necessary to comply with this directive” and “they shall apply those measures from 13

January 2018”.5

the importance and direct impact of the psd2 on daily banking operations could be

verified by checking how, in the closing weeks of 2017, spanish banks informed their

customers of the main effects of the imminent implementation of the psd2 as from 13

January 2018. further to this, and given that the psd2 is not fully integrated into spanish

law, it is appropriate to consider the possible direct effect of certain of its provisions

should, for example, any payer, user, payment initiation service provider or account

information service provider claim the right to access those accounts or the information in

them in the terms laid down in articles 66 and 67 of the psd2. in such cases, it will be

necessary to contrast, on one hand, the scope of a possible request to exercise the right

of access and, on the other, the direct enforceability of the rule.

the psd2 has a two-pronged regulatory6 scope:

a) a status or subjective scope because it defines six categories of payment

service providers which can be organised into the following two groups: on

one hand, institutions which have their own status established in rules external

to the psd (the main example is that of credit institutions) and, on the other,

payment institutions whose specific status – comprising the conditions of

taking up and pursuit of the business of payment services – is laid down in the

PSD2 [Article 1(1)].

interestingly, the psd2, in addition to the specific status of payment

institutions (chapter i of title ii), establishes a series of common provisions

for all types of payment service providers (chapter ii of title ii). this

enshrines, on one hand, the principle – inherent to financial regulation – that

the activity of providing payment services be reserved to authorised

providers, by prohibiting natural or legal persons that are neither payment

service providers nor explicitly excluded from the scope of the psd2 (article

37) from providing payment services; and, on the other, the right of those

providers to access payment services in objective, proportionate and non-

discriminatory conditions (article 35).

4 OJEU 23.12.2015. it is a formal and materially extensive directive with 113 recitals, 117 articles and 2 annexes. as for its general aspects, see alonso ledesma (2018), “los nuevos proveedores de servicios de pagos: una primera aproximación a la segunda directiva de servicios de pagos”, Revista General de Derecho de los Sectores Regulados, 1, pp. 2 et seq.

5 the press release of the european commission of 12 January 2018 “payment services: consumers to benefit from cheaper, safer and more innovative electronic payments” (ip/18/141) called on the member states that have still not transposed the directive – which include spain – “to do so as a matter of urgency”.

6 recital 6 of the psd2 covers the importance of an adequate regulation for the efficiency of the payments system as a whole in the eu.

2 general aspects

2.1 regulatory time

frameWork:

the implemeNtatioN

as from 13 JaNuary 2018

aNd its possible direct

effect

2.2 regulatory material

frameWork: the tWo

straNds (status aNd

fuNctioNal) of the

scope

BANCO DE ESPAÑA 61 FINANCIAL STABILITY REVIEW, ISSUE 35BANCO DE ESPAÑA 61 FINANCIAL STABILITY REVIEW, ISSUE 35

the psd2 – also called the revised payment services directive – is

the latest in a series of rules adopted by the eu to establish

modern, efficient and inexpensive payment services to strengthen

the protection of consumers and european firms. it incorporates

and repeals directive 2007/64/ec (the first payment services

directive or psd1) which laid the legal foundations for creating a

single market in payment services throughout the eu. the psd2

adapts the previous rules from psd1 to take into account the new

payment services, including internet and mobile payments, and

ensures a safer environment for consumers.1

the european commission has underlined the following highlights

of the psd2: it prohibits surcharging, which are additional charges

for payments with consumer credit or debit cards, both in shops or

on-line; it opens the eu payment market to companies offering

payment services, based on them gaining access to information

about the payment account; it introduces strict security

requirements for electronic payments and for the protection of

consumers’ financial data; and it enhances consumers’ rights in

numerous areas, such as reducing the liability for non-authorised

payments and introducing an unconditional refund right for direct

debits in euro.

BOx 1 THE LEgISLATIVE POLICY PURPOSE OF THE PSD2

b) a functional or objective scope because it sets out common rules on

transparency and the rights and obligations of users and of payment service

providers. Note that these common rules affect all categories of providers

with regard to the provision of these services as a regular occupation or

business activity [Article 1(2)].

it should be recalled that, from a legal standpoint, payment is the first of the

forms to discharge the obligations envisaged and regulated in article 1156 et

seq. of the civil code.

the general geographical scope of the psd2 covers payment services provided in the eu

(article 2) without prejudice, in some cases, to a partial geographical extension. this is

because, for example, its provisions on transparency requirements and information

requirements for payment service providers and on rights and obligations in relation to the

provision and use of payment services should also apply, where appropriate, to transactions

where one of the payment service providers is located outside the european economic

area (eea) in order to avoid divergent approaches across member states to the detriment

of consumers. furthermore, where appropriate, those provisions should be extended to

transactions in all official currencies between payment service providers that are located

within the eea.7

the psd2 has a two-pronged regulatory background where subjective and functional

european financial regulations coexist:

this coexistence arises because the psd2 includes – within the categories of payment

service providers which can legitimately provide payment services throughout the eu –

together with payment institutions, whose specific status it regulates, credit institutions

7 see recital 8.

2.3 regulatory

geographical

frameWork: paymeNt

services provided

WithiN the eu aNd

THE PARTIAL EXTENSION

2.4 regulatory

eNviroNmeNt

2.4.1 subjective financial

regulations

1 see tapia hermida (2018), “las tecnofinanzas (fiNtech). retos a la regulación y a la supervisión financieras”, Revista Iberoamericana del Mercado de Valores (rimv), No. 54 (July), pp. 1 et seq.


which take deposits from users that can be used to fund payment transactions and which

should continue to be subject to the prudential requirements laid down in directive

2013/36/eu of the european parliament and of the council; electronic money institutions

which issue electronic money that can be used to fund payment transactions and which

should continue to be subject to the prudential requirements laid down in directive

2009/110/ec; and post office giro institutions which are entitled to provide payment

services under national law. it is for that reason that the subjective specific scope of the

psd2 is confined to service providers which provide payment services as a regular

occupation or business activity.8

the functional regulatory coexistence of the psd2 arises in several areas for the following

reasons:

a) in order to protect consumers against unfair and and misleading practices,

the psd2 coexists with directives 2005/29/ec, 2000/31/ec, 2002/65/ec,

2008/48/ec, 2011/83/ec and 2014/92/eu. consequently, the provisions of

these directives continue to apply.9

b) in order to ensure the appropriate processing of personal data when payment

services are provided by payment service providers, the psd2 coexists with

directive 95/46/ec of the european parliament and of the council and

regulation (ec) No. 45/2001 of the european parliament and of the council.10

c) to ensure respect for fundamental rights in general and, in particular, the right

to respect for private and family life, the right to protection of personal data,

the freedom to conduct a business, the right to an effective remedy and the

right not to be tried or punished twice in criminal proceedings for the same

offence, the psd2 coexists with the charter of fundamental rights of the

european union.11

the type of payment service providers12 can be classified according to the following

criteria:

a) the legal status of the institution: accordingly, the psd2 delimits its subjective

scope by referring to six categories of payment service providers (article 1)

which can be organised, in turn, into the following two groups:

a.1) institutions with their own generic status established in rules that are

external to the psd2, which are credit institutions (essentially banks),

including their branches located in the eu; electronic money institutions;

post office giro institutions which are entitled under national law to

provide payment services; the ecb and national central banks when not

acting in their capacity as monetary authority or other public authorities;

and member states or their regional or local authorities when not acting

in their capacity as public authorities.

8 see recital 24. 9 see recital 55.10 see recital 89.11 see recital 90. 12 see alonso ledesma (2018), op. cit., pp. 7 et seq.

2.4.2 functional financial

regulations

3 Structure of payment services in the EU

3.1 parties

3.1.1 payment service

providers (1). type


a.2) institutions with a specific status established in the psd2. these are

payment institutions which are business legal persons – other than the

above-mentioned institutions – and authorised to provide and execute

payment services throughout the EU [Articles 1(1)(d), 4(4) and 11(1)].

b) the type of payment services provided: we can differentiate between two

large categories of payment service providers with crucial regulatory

consequences in the field of access to payment accounts and to information

on payment accounts, as we will see below. the two categories are as follows:

b.1) account servicing payment service providers (essentially banks), which

are defined as “a payment service provider providing and maintaining a

payment account for a payer” [Article 4(17)].

b.2) providers of other payment services (frequently adopting the form of

fintechs) which, in turn, may be providers of payment initiation services,

and are defined as “a service to initiate a payment order at the request

of the payment service user with respect to a payment account held at

another payment service provider” [Article 4(15)];13 or providers of

account information services, which are defined as “on-line service to

provide consolidated information on one or more payment accounts

held by the payment service user with either another payment service

provider or with more than one payment service provider” [article

4(16)].14

the regulatory significance of this distinction between the different types of payment

service providers according to the various types of payment services they provide is

underlined in two aspects relating to the following conditions required for the pursuit of

their business. on one hand, the own fund requirements which it would be

disproportionate to impose on these new market players since payment initiation

service providers and account information service providers, when exclusively providing

those services, unlike account servicing payment service providers, do not hold client

funds. on the other, the guarantees which they must provide in the form of professional

indemnity insurance or a comparable guarantee so that they are able to meet their

liabilities in relation to their activities.15

as indicated in the previous section, payment institutions are business legal persons which

are authorised to provide and execute payment services throughout the eu [articles 1(1)

(d), 4(4) and 11(1)]. Since their specific status is established in the PSD2, it warrants

particular attention.16

13 see as regards their legal status, alonso ledesma (2018), op. cit., pp. 9 et seq.14 see as regards their legal status, alonso ledesma (2018), op. cit., pp. 25 et seq.15 in this respect, recital 35 indicates: “eba should develop guidelines in accordance with article 16 of regulation

(eu) No. 1093/2010 on the criteria to be used by member states to establish the minimum monetary amount of professional indemnity insurance or comparable guarantee. eba should not differentiate between professional indemnity insurance and a comparable guarantee, as they should be interchangeable.”

16 as regards the previous system in the psd1, see garcía rodríguez (2012), “la directiva 2007/64/ce, sobre servicios de pago en el mercado interior y la nueva figura de las entidades de pago en españa y el reino unido”, Revista de Derecho Bancario y Bursátil (rdbb), No. 128, pp. 183 et seq., and linares polaino (2012), “las entidades de pago y las entidades de dinero electrónico: los cuasibancos”, Derecho Bancario y Bursátil, madrid, pp. 393 et seq.

3.1.2 payment service

providers (2). special

mention of the status

of payment institutes


the status of payments institutions is established in the psd217 in accordance with the

typical system of european regulation of financial intermediaries which includes

the following five phases:

a) the first phase is the definition of the financial activity inherent to this type of

institutions which, in this case, comprises the professional provision in the eu

of the payment services defined in annex i of the psd2, which we will examine

below.

it should be noted that payment institutions, apart from the provision of

payment services, shall be entitled to engage in other activities such as the

provision of operational and closely related ancillary services such as ensuring

the execution of payment transactions, foreign exchange services, safekeeping

activities, and the storage and processing of data; the operation of payment

systems and business activities other than the provision of payment services,

having regard to applicable union and national law (article 18).

b) the second phase is that said activity of the professional provision of payment

services be reserved to authorised intermediaries which, in this case, are

payment institutions together with the other payment service providers listed

in article 1(1) of the psd2. this vetted access to activity operates in the form

of a prohibition of persons other than payment service providers from providing

payment services and an imposition on authorised suppliers of notification

duties in respect of competent authorities (article 37).

c) the third phase consists of a requirement that the intermediary – in this case,

the payment institution – fulfil a set of conditions for taking up the professional

business of payment services which is verified through the authorisation of such

professional business and in public registers. this covers a series of subjective

requirements (significant shareholders and directors), objective requirements

(initial capital) and functional requirements (corporate governance and

business organisation) which are reflected in the documents accompanying

the application for authorisation as a payment institution that its promoters

should send to the competent authorities of the home member state. these

documents are as follows: the programme of operations setting out in

particular the type of payment services envisaged; the business plan including

a forecast budget calculation for the first three financial years which

demonstrates that the applicant is able to employ the appropriate and

proportionate systems, resources and procedures to operate soundly; the

evidence that the payment institution holds the initial capital required;

the governance arrangements and internal control mechanisms, including

administrative, risk management and accounting procedures, which

demonstrate that those governance arrangements, control mechanisms and

procedures are proportionate, appropriate, sound and adequate; the

description of the procedure in place to monitor, handle and follow up a

security incident and security related customer complaints, etc. (article 5 et

seq.).

17 chapter i of title ii, article 5 et seq.


the granting of authorisation shall entail the registration of the payment

service providers in the register of the home member state and of the eba

(articles 14 and 15).

d) the fourth phase consists of a requirement that the payment institution fulfil a

set of conditions for exercising the professional business of providing payment

services which comprise maintaining over time the above-mentioned

conditions for the taking up of the business and other supplementary conditions

such as the control of the shareholding (article 6), the maintenance of adequate

own funds (article 8 et seq.) and the safeguarding of funds received from users

of payment services or received through another payment service provider to

execute payment transactions (article 10), etc. as regards the latter, it is

particularly important to recall that user funds should be kept separate from

the payment institution’s funds, for which purpose safeguarding requirements

need to be established when a payment institution is in possession of payment

service user funds. in particular, where the same payment institution executes

a payment transaction for both the payer and the payee and a credit line is

provided to the payer, it might be appropriate to safeguard the funds in favour

of the payee once they represent the payee’s claim towards the payment

institution.18

Noteworthy within this phase, on account of its practical importance in the

new primarily digital environment of payment services, is the regulation of

the use of third parties by payment institutions to provide their services. to

this end, the distinction should be drawn between the following two

assumptions regulated in the psd2 (article 19):

on the one hand, the use of agents. thus, payment institutions intending to

provide payment services through an agent shall inform the competent

authorities of their home member state of certain information (name and

address of the agent, a description of the internal control mechanisms that will

be used by the agent in respect of money laundering and terrorist financing,

the identity of directors and persons responsible for the management of the

agent, etc.). Within two months of receipt of this information, the competent

authority shall communicate to the payment institution whether the agent has

been entered in the appropriate public register, after which the agents may

commence providing payment services. conversely, before listing the agent in

the register, if the competent authority considers that the information provided

to it is incorrect, it will take further action to verify the information. additionally,

if the payment institution wishes to provide payment services in another

member state by engaging an agent, it shall follow the procedures set out in

article 28 of the psd2 for exercising the right of establishment and shall

ensure that the agent acting on its behalf inform payment service users of this

fact.

on the other, the outsourcing of functions. therefore, where a payment

institution intends to outsource operational functions of payment services, it

shall inform the competent authorities of its home member state accordingly.

furthermore, in the case of important operational functions, including it

18 see recital 37.


BOx 2PAYMENT SERVICE USERS. TYPE

at the other extreme of the legal relations arising from payment

services are payment service users who are defined as “a natural

or legal person making use of a payment service in the capacity of

payer, payee, or both” [Article 4(10)].

the type of payment service users can be classified according to

the following two criteria:

a) their legal status, distinguishing between “consumer

users” – defined as “a natural person who, in payment

service contracts covered by this directive, is acting for

purposes other than his or her trade, business or

profession” [Article 4(20)] – and “non-consumer users”

who – conversely – in payment service agreements, are

acting for the purposes inherent to their trade, business or

profession.

b) their position or role in the payment service agreement,

it is possible to draw a distinction between the

“consumer” or “non-consumer user” in their capacity

as a payer, defined as “a natural or legal person who

holds a payment account and allows a payment order

from that payment account, or, where there is no

payment account, a natural or legal person who gives

a payment order” [Article 4(8)]; or as payee, defined as

“a natural or legal person who is the intended recipient

of funds which have been the subject of a payment

transaction” [Article 4(9)].

systems,19 the payment institution shall comply with a series of general

conditions, such that the outsourcing “shall not [...] impair materially the quality

of the payment institution’s internal control and the ability of the competent

authorities to monitor and retrace the payment institution’s compliance with all

of the obligations” as laid down by the psd2; and it shall comply with special

conditions, whereby the outsourcing shall not result in the delegation by senior

management of its responsibility; the relationship and obligations of the

payment institution towards its users shall not be altered; the conditions with

which the payment institution is to comply in order to be authorised and remain

so in accordance with this title shall not be undermined; and none of the other

conditions subject to which the payment institution’s authorisation was granted

shall be removed or modified.

as common factors of the above-mentioned two assumptions, the psd2 lays

down two duties of payment institutions where they rely on third parties for the

performance of operational functions which are that they are fully liable for any

acts of their employees, or any agent, branch or entity to which activities are

outsourced (article 20) and that they keep all appropriate records to comply

with the duties imposed by the psd2 (article 21).

e) the fifth phase of the status of payment institutions under the psd2 is their

public supervision because compliance by payments institutions with the

conditions of taking up and pursuit of the professional business of payment

services is verified by competent authorities whose controls shall be

proportionate, adequate and responsive to the risks to which payment

19 “[A function where] a defect or failure in its performance would materially impair the continuing compliance of a payment institution with the requirements of its authorisation [...], its other obligations [...], its financial performance, or the soundness or the continuity of its payment services” is deemed an important operational function.”


institutions are exposed. accordingly, the psd2 lays down a complete system

of public supervision of payment institutions20 which covers the following

aspects: the designation of competent authorities; the scope of supervision;

the duty of professional secrecy by which all persons who work or who have

worked for the competent authorities, as well as experts acting on behalf of the

competent authorities will be bound; cooperation and the exchange of

information by the competent authorities of the member states; the right to

apply to the courts with regard to decisions taken by the competent authorities

in respect of a payment institution; the settlement of disagreements between

competent authorities of different member states; the application to exercise

the right of establishment and freedom to provide services in the eu by an

authorised payment institution and the corresponding supervision; and the

measures in case of non-compliance (“including precautionary measures”) by

a payment institution with its obligations.

the objective and functional scope of the psd2 comprises payment services provided within

the eu, meaning the activities listed in annex i which are: “1. services enabling cash to be

placed on a payment account as well as all the operations required for operating a payment

account. 2. services enabling cash withdrawals from a payment account as well as all the

operations required for operating a payment account. 3. execution of payment transactions,

including transfers of funds on a payment account with the user’s payment service provider

or with another payment service provider: (a) execution of direct debits, including one-off

direct debits; (b) execution of payment transactions through a payment card or a similar

device; (c) execution of credit transfers, including standing orders. 4. Execution of payment

transactions where the funds are covered by a credit line for a payment service user:

(a) execution of direct debits, including one-off direct debits; (b) execution of payment

transactions through a payment card or a similar device; (c) execution of credit transfers,

including standing orders. 5. issuing of payment instruments and/or acquiring of payment

transactions. 6. Money remittance. 7. Payment initiation services. 8. Account information

services”.

in view of this list, it is possible to distinguish – with legal relevance – between payment

services involving the deposit and withdrawal of funds, between direct payments and

payments on credit, and between bilateral and trilateral payments, etc.

article 3 of the psd2 excludes from its scope a set of payment transactions for three types

of reasons:

a) objective reasons: payment transactions made exclusively in cash directly

from the payer to the payee, without any intermediary intervention; professional

physical transport of banknotes and coins, including their collection, processing

and delivery; cash-to-cash currency exchange operations where the funds are

not held on a payment account; etc.

b) subjective reasons: such as payment transactions from the payer to the payee

through a commercial agent authorised via an agreement to negotiate or

conclude the sale or purchase of goods or services on behalf of only the payer

or only the payee; services where cash is provided by the payee to the payer as

part of a payment transaction following an explicit request by the payment

20 section 3 of chapter i of title ii, article 22 et seq.

3.2 purposes aNd

fuNctioNs: paymeNt

services

3.2.1 payment services

that are included

3.2.2 payment services

that are excluded


service user just before the execution of the payment transaction through a

payment for the purchase of goods or services; payment transactions and

related services between a parent undertaking and its subsidiary or between

subsidiaries of the same parent undertaking, without any intermediary

intervention by a payment service provider other than an undertaking belonging

to the same group; etc.

c) functional reasons: such as payment transactions consisting of the non-

professional cash collection and delivery within the framework of a non-profit or

charitable activity; payment transactions carried out within a payment or

securities settlement system between settlement agents, central counterparties,

clearing houses and/or central banks and other participants of the system, and

payment service providers; payment transactions related to securities asset

servicing, including dividends, income or other distributions, or redemption or

sale, carried out by certain persons or by investment firms, credit institutions,

collective investment undertakings or asset management companies providing

investment services and any other entities allowed to have the custody of

financial instruments; etc.

the psd2 regulates two essential aspects of the functioning of payment services in the eu

which are, on one hand, their transparency and, on the other, the rights and obligations of

payment service users and of payment service providers. as indicated above, these

common rules affect all categories of payment service providers with regard to the

provision of these services as a regular occupation or business activity [Article 1(2)].

a requirement for clearly describing the regulation of these functional aspects of payment

services, is to begin by clarifying the essential bases of the legal structure of agreements

arising from payment services because we will see that they will influence the specific

aspects regulated in the psd both as regards their transparency and the rights and

obligations of each party.

the psd2 treats very differently single or sporadic payment transactions performed

outside a framework contract between supplier and user, and those which are part of a

framework contract. Note that, in practice, framework contracts and the payment

transactions covered by them are far more common and economically significant than

single payment transactions. furthermore, if there is a payment account or a specific

payment instrument, a framework contract is required.

the varied regulation of the above-mentioned two assumptions is seen, in particular, in the

area of transparency where the following can be verified:

a) in single payment transactions,21 the essential information should be given on

the payment service provider’s own initiative since the payer is usually present

when giving the payment order and, therefore, it should not be necessary to

require in every case that information be provided on paper or on another

durable medium. thus, the payment service provider should be able to give

information orally over the counter or make it otherwise easily accessible, for

21 the psd2 defines a payment transaction as “an act, initiated by the payer or on his behalf or by the payee, of placing, transferring or withdrawing funds, irrespective of any underlying obligations between the payer and the payee” [Article 4(4)].

4 Functioning of payment services in the EU

4.1 bases of the legal

structure of

agreemeNts arisiNg

from paymeNt services

4.1.1. framework contracts vs.

single payment

transactions


example by keeping the conditions on a notice board on the premises.

Notwithstanding the foregoing, information should also be given on where to

find other, more detailed, information (for example, on the website) and, if the

consumer so requests, the essential information should also be given on

paper or on another durable medium.22

b) in the case of framework contracts,23 the requirements for prior information

should be comprehensive and information should always be provided on paper

or on another durable medium, such as printed account statements from

atms, cd-rom, dvd and the hard drives of personal computers on which

electronic mail can be stored, and internet sites, provided that such sites are

accessible for future reference, for a sufficient period of time for the purposes

of accessing the information and provided that these sites allow the

reproduction of the information stored there in an unaltered form. it should be

added that the framework contract between the payment service provider and

the payment service user should allow to stipulate the manner in which

subsequent information on executed payment transactions is to be given, for

example, that in internet banking, all information on the payment account be

made available on-line.24

the regulatory nature of these framework contracts can also be seen with

respect to their duration or possible changes to their content:

b.1) first, as regards duration, the directive regulates the conditions of the

possible termination of the framework contract by the parties. on the one

hand, the payment service user may terminate the contract at any time,

unless the parties have agreed on a period of prior notice which shall not

exceed one month. termination shall be free of charge except where the

contract has been in force for less than six months and charges, if any,

shall be appropriate and in line with costs. on the other, the payment

service provider may terminate a framework contract concluded for an

indefinite period by giving at least two months’ notice, and may charge

the user for the proportional part of the expenses up to the termination of

the contract (article 55).

b.2) second, as regards changes to the content of the framework contract,

the directive regulates any changes to the framework contract conditions

made by the payment service provider, giving the information specified

and notice of no less than two months before the proposed date of

application, and the payment service user can either accept or reject

the changes before their proposed date of entry into force. in particular,

changes in the interest and exchange rates may be applied immediately

and without notice by the payment service provider, provided that this

has been agreed upon in the framework contract and that the changes

in the interest and exchange rates are based on the reference interest or

exchange rates agreed on (article 54).

22 see recital 58.23 the psd2 defines framework contracts as follows: “a payment service contract which governs the future

execution of individual and successive payment transactions and which may contain the obligation and conditions for setting up a payment account” [Article 4(21)].

24 see recital 57.


the psd2 regulates, in principle, the transparency and the rights

and obligations of contracts between payment service providers

and users. however, this regulation has indirect and collateral

effects on the following two types of contracts:

a) contracts between different types of payment service

providers. We found evidence (through omission) of the

importance of such contracts in the stipulation that the

provision of payment initiation or account information

services shall not be dependent on the existence of a

contractual relationship between the payment initiation or

account information service providers and the account

servicing payment service providers for that purpose

[Articles 66(5) and 67(4)].

b) contracts between payment service providers and other

financial intermediaries, since the proper functioning of

transfers and other payment services requires that

payment service providers and their intermediaries (for

example, payment processors) have contracts in which

their mutual rights and obligations are laid down.

regarding their content, the psd2 notes the following

key aspects: the liabilities of each party to ensure legal

certainty to the effect that a non-responsible payment

service provider is compensated for losses incurred or

sums paid; further rights; the details of content of

recourse; and how to handle claims towards the

payment service provider or intermediary attributable to

defective payment transactions1.

BOx 3 CONTRACTS BETWEEN PAYMENT SERVICE PROVIDERS AND USERS VS. CONTRACTS BETWEEN

PAYMENT SERVICE PROVIDERS AND OTHER FINANCIAL INTERMEDIARIES

the regulation of the “transparency of conditions and information requirements for

payment services”, in title iii of the psd2 (article 38 et seq.) can be explained in terms of

the classical structure of communication, identifying the issuers (in this case, the payment

service providers),25 the receivers (the payment service users) and the messages (the

payment service conditions), and based on the general principle of the appropriateness of

the information, in a dual sense: appropriate for the parties, since, in order to enhance

efficiency, the information required should be proportionate to the needs of users and

should be communicated in a standard format; and appropriate for the type of relationship

between the parties, since the information requirements for a single payment transaction

should be different from those of a framework contract providing for a series of payment

transactions.26

in the first sense mentioned, it is important to distinguish between two assumptions that

condition the way in which the payment service providers must fulfil their information

obligations:

a) the first assumption is that of general transparency, as it relates to the

information obligations with respect to all types of payment service users.

the psd2 establishes two ways in which the payment service provider can

provide the necessary information to the payment service user. in this case,

on the basis that the needs of the user, as well as practical technical aspects

25 for the information and transparency obligations of payment initiation service providers, see alonso ledesma (2018), op. cit., pp. 21 et seq.

26 see recital 56.

4.2 traNspareNcy

of paymeNt services

4.2.1 the regulation of

transparency as a

communication

phenomenon: issuers,

receivers and messages

1 see recital 87.


and cost-efficiency, must always be taken into account, there are two ways

in which information is to be given by the payment service provider:27

a.1) actively and at the appropriate time, without any prompting by the

payment service user.

a.2) passively, by making the information available to the payment service

user, considering any possible request by the latter for further

information. in this case, the payment service user must take active

steps to obtain the information, such as requesting it explicitly from the

payment service provider, logging into a bank account mail box or

printing account statements using a bank card.

b) the second assumption is that of specific transparency, since it relates to the

information obligations with respect to users who are also consumers. in this

case, the psd2, to ensure their special protection, enshrines the right of

consumers to receive relevant information free of charge before being bound

by any payment service contract. consumers should also be able to request

prior information as well as the framework contract, on paper, free of charge

at any time during the contractual relationship, so as to enable them both to

compare the services and conditions offered by payment service providers

and, in the event of a dispute, to verify their contractual rights and obligations.28

the two regulatory assumptions mentioned above should be completed with two important

stipulations of an opposing nature: exclusive, since member states may decide that

transparency rules shall not apply in whole or in part when the payment service user is not

a consumer; and inclusive, since member states may apply the provisions in this title to

micro-enterprises in the same way as to consumers (article 38).

as mentioned in section 4.1.1 of this study, the psd2 treats occasional or single payment

transactions very differently from those that are conducted under a framework contract,

particularly as regards transparency. thus, compliance with information obligations by

providers depends on which of the two types of relationship exists between the payment

service providers and users, as follows:

a) single payment transactions not covered by a framework contract. in this

case, the psd2 establishes information obligations in the following

situations and between the respective parties:29 prior general information

that the payment service provider must make available to the payment

service user, information for the payer and the payee after the initiation of

a payment order, information for the payer and the payer’s account

servicing payment service provider in the event of a payment initiation

service, information for the payer after receipt of the payment order and

information for the payee after execution.

b) the framework contracts and payment transactions covered by such

contracts. in this case, the psd2 establishes information obligations in the

27 see recital 60.28 see recital 59. 29 chapter 2 of title iii, article 38 et seq.

4.2.2 appropriate for the type

of relationship that exists

between payment service

providers and users


following situations and between the respective parties:30 general prior

information that the payment service provider must make available to the

payment service user (covering the following: information on the payment

service provider, on use of the payment service, on charges, interest and

exchange rates, on communication, on safeguards and corrective measures,

on changes to, and termination of, the framework contract and on the resolution

of disputes), information before the execution of each payment transaction and

information for the payer and the payee on each payment transaction.

the regulation by the psd2 of this second key aspect of the proper functioning of payment

services in the eu, that is, the rights and obligations of both payment service users and of

the providers of such services,31 is appropriate, first of all, for the type of user32 since such

rights and obligations are applied differently depending on the status of the payment

service user:

a) they shall be applied fully and obligatorily to payment services provided to

payment service users who are consumers. it should be noted that under the

psd2, member states may also apply the provisions on the rights and

obligations of consumers to micro-enterprises.

b) they shall be applied in part and by default to users of payment services who

are not consumers, since, in such cases, the payment service users and

providers may agree that certain provisions on rights, obligations and time

limits do not apply in whole or in part.

the psd2 uses a second, chronological, criterion to regulate the rights and obligations

of the parties involved in the provision and use of payment services, grouping them under

two points in time:

regarding this first point in time, the directive regulates the consent and withdrawal of

consent, the confirmation of the availability of funds, etc.33

Worth mentioning, in this respect, are the new regulations on access to and communication

of customer data by banks to the new fintech companies. under the psd2, traditional

banks (as managers of their customers’ payment accounts) are required to give payment

initiation and payment account information service providers (mostly fintech companies)

access to their customers’ payment accounts, thus opening the gates to the banks’ core

business. specifically, the psd2 sets three types of conditions for such access to

information on payments accounts, as follows:

a) common conditions for access to payment accounts. for a company providing

payment initiation or payment account information services (generally, a

fintech) to be able to gain access to a payment account or information on this

30 chapter 3 of title iii, article 50 et seq. 31 title iv (article 61 et seq.) stipulates “the rights and obligations in relation to the provision and use of payment

services”. for the legal status of payment initiation service providers, see alonso ledesma (2018), op. cit., pp. 19 et seq.

32 for the obligations of payment service users, see alonso ledesma (2018), op. cit., pp. 24 et seq. 33 chapter 2 of title iv, article 64 et seq.

4.3 legal status of the

parties iNvolved iN

paymeNt services

4.3.1 appropriate for the type

of payment service user.

special reference to the

consumer

4.3.2 appropriate as regards

the time of provision of

the payment service:

authorisation and

execution of payment

transactions

4.3.2.1 rights and obligations at the

time of authorisation of

payment transactions


account, held by an account servicing payment service provider (generally, a

bank), two conditions should exist: one that is positive, in that the payer or user

must give their explicit consent; and one that is negative, in that neither the

provision of payment initiation or account information services shall be

dependent on the existence of a contractual relationship for that purpose

between the payment initiation or account information service providers and

the account servicing payment service providers.

b) access to the payment account in the case of payment initiation services. this

is based on the right of every payer to have recourse to a payment initiation

service provider. such a right will not apply where the corresponding payment

account is not accessible on-line. to make the right workable in practice, if the

payer gives explicit consent for a payment to be made, the two payment

service providers involved will be required to adopt the following measures to

guarantee that the payer can exercise the right to use the payment initiation

service:

the payment initiation service provider (generally, a fintech company) shall

be subject to a series of affirmative or “active” obligations (to ensure that the

personalised security credentials of the payment service user are not, with

the exception of the user and the issuer of the personalised security

credentials, accessible to other parties and that they are transmitted by the

payment initiation service provider through safe and efficient channels; to

ensure that any other information about the payment service user, obtained

when providing payment initiation services, is only provided to the payee

and only with the payment service user’s explicit consent; to identify itself

towards the account servicing payment service provider of the account

holder every time a payment is initiated, and to communicate with the

account servicing payment service provider, the payer and the payee in a

secure way). the payment initiation service provider shall also be subject to

a series of negative or “omissive” obligations (not to hold at any time the

payer’s funds in connection with the provision of the payment initiation

service; not to store sensitive payment data of the payment service user; not

to request from the payment service user any data other than those necessary

to provide the payment initiation service, etc.).

the account servicing payment service provider (generally, a bank),34 shall be

subject to certain obligations, such as establishing secure communication

with the payment initiation service providers; providing the latter with all

information on the initiation of the payment transaction and all information to

which it has access regarding the execution of the payment transaction,

immediately after receipt of the payment order; treating payment orders

transmitted through the services of a payment initiation service provider

without any discrimination other than for objective reasons (in particular in

terms of timing, priority or charges vis-à-vis payment orders transmitted

directly by the payer).

34 for the obligations of the account servicing payment service provider regarding access to customer accounts, see alonso ledesma (2018), op. cit., pp. 24 et seq.


c) access to and use of payment account information in the case of account

information services. this is based on the right of any payment service user to

make use of services enabling access to account information. such a right will

not apply where the corresponding payment account is not accessible on-

line. to make the right workable in practice, if the user gives explicit consent,

the two payment service providers involved will be required to adopt the

following measures:

the account information service provider (generally, a fintech company)

shall be subject to a series of positive or “active” obligations (to ensure that

the personalised security credentials of the payment service user are not,

with the exception of the user and the issuer of the personalised security

credentials, accessible to other parties and that when they are transmitted

by the account information service provider, this is done through safe and

efficient channels; for each communication session, to identify itself

towards the account servicing payment service provider(s) of the payment

service user and to securely communicate with the account servicing

payment service provider(s) and the payment service user; to access only

the information from designated payment accounts and associated payment

transactions, etc. the account information service provider shall also be

subject to a series of negative or “omissive” obligations (not to request

sensitive payment data linked to the payment accounts; not to use, access

or store any data for purposes other than for performing the account

information service explicitly requested by the payment service user, in

accordance with data protection rules, etc.).

the account servicing payment service provider (generally a bank) shall be

subject to a series of obligations such as communicating securely with

account information service providers and treating data requests transmitted

through the services of an account information service provider without any

discrimination for other than objective reasons.

in view of its legal relevance, the discussion of this first stage of the regulation

of rights and obligations relating to the authorisation of payment transactions

should conclude with a reference to the liabilities of the parties involved: on

one hand, in the case of an unauthorised payment transaction, the payment

service provider shall refund the user for the amount of the unauthorised

transaction immediately, and in any event no later than by the end of the

following business day, after noting or being notified of the transaction, except

where the payer’s payment service provider has reasonable grounds for

suspecting fraud and communicates those grounds to the relevant national

authority in writing (article 73). on the other, the payer may be obliged to bear

the losses relating to any unauthorised payment transactions, up to a

maximum of eur 50, resulting from the use of a lost or stolen payment

instrument or from the misappropriation of a payment instrument (article 74).

regarding this second point in time, the psd2 deals with payment orders and amounts

transferred, execution times and value date, etc.35 here, from a legal standpoint, the

provisions on the liability of the payment service provider are of particular importance.

35 chapter 3 of title iv, article 78 et seq.

4.3.2.2 rights and obligations

at the time of execution

of payment transactions


they conform to a classical approach to both contractual and non-contractual civil liability

which requires three elements for civil liability to arise: an illegal act by the liable party, of

a culpable or fraudulent nature; direct financial loss sustained by the claimant, in the form

of consequential damages or loss of profits; and a clear causal relationship between the

act and the loss.

the psd2 regulates three aspects of this civil liability:36

a) first, it establishes the assumption of incorrect unique identifier37 in the dual

sense that, if a payment order is executed in accordance with the unique

identifier, the payment order shall be deemed to have been executed

correctly with regard to the payee specified by the unique identifier, and

that if the unique identifier provided by the payment service user is incorrect,

the payment service provider shall not be liable. all the foregoing without

prejudice to the payer’s payment service provider making reasonable efforts to

recover the funds involved in the payment transaction and the payee’s payment

service provider cooperating in those efforts also by communicating to the

payer’s payment service provider all relevant information for the collection of

funds (article 88).

b) second, it distinguishes between two cases of providers’ liability: the first is

liability for non-execution, defective or late execution of payment transactions

(article 89) and the second relates to payment initiation services, for non-

execution and defective execution of payment transactions (article 90).

c) third, it stipulates that, on top of the compensation for the user envisaged in

the above two cases, additional financial compensation may be determined

under the contract concluded between the payment service user and the

payment service provider (article 91). it also provides for the right of recourse

of the payment service provider who has to pay a user compensation

attributable to another payment service provider or to an intermediary,

ultimately liable for wilful non-compliance (article 92).

the legal status of payment service providers is completed by the regulation of a series of

conditions for the exercise of their activities in the professional provision of payment

services, consisting, firstly, of the obligations relating to data protection.38 in relation to the

provision of information to individuals about the processing of personal data, the psd2

refers to directive 95/46/ec and regulation (ec) No. 45/2001, specifically establishing that

payment service providers shall only access, process and retain personal data necessary

for the provision of their payment services, and only with the explicit consent of the

payment service user.

secondly, the psd2 establishes obligations on these providers in relation to “operational

and security risk and authentication”,39 noting that, “member states shall ensure that

36 see recital 86.37 the psd2 defines them as “a combination of letters, numbers or symbols specified to the payment service user

by the payment service provider and to be provided by the payment service user to identify unambiguously another payment service user and/or the payment account of that other payment service user for a payment transaction” [Article 4(33)].

38 chapter 4 of title iv, article 94.39 chapter 5 of title iv, article 95 et seq.

4.3.3 obligations of payment

service providers in

respect of data

protection, operational

and security risks and

authentication


payment service providers establish a framework with appropriate mitigation measures

and control mechanisms to manage the operational and security risks, relating to the

payment services they provide”. regarding this last point, the obligations of the providers

can be organised under two points in time with respect to major operational or security

incidents:40

a) as preventive measures, since the payment service providers are responsible

for having in place security measures that are proportionate to the existing

security risks, by setting up a framework to mitigate risks and maintain

effective incident management procedures and reporting to the competent

authorities, on a regular basis, with an updated assessment of their security

risks and the measures that they have taken in response to those risks.

b) as mitigating measures, since the payment service providers, in order to

ensure that damage to users, other payment service providers or payment

systems, is kept to a minimum, are required to report major security incidents

without delay to the competent authorities.

the regulatory framework of the legal status of the parties involved in payment service

naturally culminates in the regulations applicable to the consequences of any infringements

by the payment service providers of the provisions of the psd2 and of national law

transposing them. such infringements may have two types of consequences:

a) the civil liability of payment service providers, the key aspects of which have

already been referred to when discussing the rights and obligations of the

parties involved in payment services at the time of authorisation and execution

of payment transactions in sections 4.3.2.1 and 4.3.2.2 above. from a

procedural viewpoint, this civil liability can take the form of disputes before

the judicial authorities of each state. the psd2 regulates alternative dispute

resolution proceedings before other types of institutions which member states

must shall guarantee and which shall take the form of procedures that allow

payment service users and other interested parties including consumer

associations, to submit complaints to the competent authorities with regard to

payment service providers’ alleged infringements.41

b) the administrative liability of payment service providers, which shall take the

form of penalties applicable to infringements of the national law transposing

the psd2. the member states shall ensure that such penalties are effective,

proportionate and dissuasive and shall take all necessary measures to ensure

that they are implemented.

5.1 the psd2 has a two-pronged regulatory scope: on the one hand, a status or

subjective scope because it defines six categories of payment service providers and

establishes the conditions of taking up and pursuit of the business of payment services;

on the other, a functional or objective scope because it sets out common rules on

transparency and the rights and obligations of users and of payment service providers.

40 recitals 91 and 92. 41 chapter 6 of title iv, article 99 et seq.

4.3.4 alternative dispute

resolution and penalties

arising from

infringements of the

provisions by payment

service providers

5 Conclusions


5.2 the regulatory structure of payment services in the eu set out in psd2 is based on

the identification of the parties involved in these services, that is, the service providers and

users.

5.3 payment service providers can be classified using two criteria. first, they can be

organised into two groups according to their legal status: institutions which have their own

status established in rules external to the psd (for example, credit institutions); and

payment institutions whose specific status – comprising the conditions of taking up and

pursuit of the business of payment services – is laid down in the psd2.

5.4 second, payment service providers can be classified according to the type of

payment services provided, into another two groups: account servicing payment service

providers and providers of other payment services which, in turn, may be providers of

payment initiation services or providers of account information services.

5.5 the specific status of payments institutions established in the psd2 is in line with

the typical system of european regulation of financial intermediaries which includes the

following five phases: the definition of the financial activity inherent to this type of

institutions which, in this case, comprises the professional provision in the eu of the

payment services; reservation of said activity for authorised intermediaries which, in this

case, are payment institutions together with the other payment service providers listed in

article 1(1) of the psd2; requirement that the payment institution fulfil a set of conditions

for taking up and pursuit of the defined activity; and the public supervision of compliance

by payments institutions with the conditions of taking up and pursuit of their activity.

5.6 at the other end of the regulatory structure of payment services in the eu are the

users who can be classified according to the following two criteria: their legal status,

distinguishing between consumer users and non-consumer users; and their position or

role in the payment service agreement, drawing a distinction between consumer or non-

consumer users in their capacity as a payer or as a payee.

5.7 the regulatory structure of payment services in the eu under the psd2 is completed

by the definition of payment services in annex 1 thereof and by identifying those that are

included and those that are excluded.

5.8 the system for payment services in the eu set out in the psd2 is based on the two-

fold distinction between framework contracts and single payment transactions, and

between contracts between payment service providers and users and contracts between

payment service providers and other financial intermediaries.

5.9 the first key aspect of the system for the proper functioning of payment services in

the eu set out in the psd2 is the transparency of such services, which can be explained

in terms of the classical structure of communication, identifying the issuers (in this case,

the payment service providers), the receivers (the payment service users) and the messages

(the payment service conditions).

5.10 the information obligations under the transparency system are based on the general

principle of the appropriateness of the information, in a dual sense: appropriate for the

parties, since, in order to enhance efficiency, the information required should be

proportionate to the needs of users and should be communicated in a standard format;

and appropriate for the type of relationship between the parties, since the information


requirements for a single payment transaction should be different from those of a framework

contract providing for a series of payment transactions.

5.11 the second key aspect of the system for the proper functioning of payment services

in the eu set out in the psd2 is the legal status of the parties involved in such payment

services, which is regulated according to two appropriateness criteria: first, appropriate for

the type of payment service user, with specific protection of consumers; and, second,

appropriate for the time at which the service is provided, whether at the authorisation or

execution of payment transactions.

5.12 the legal status of payment service providers established by the psd2 is completed

with a set of obligations relating to major operational or security incidents and arising at

two points in time: as preventive measures, since they are responsible for having in place

security measures that are proportionate to the existing security risks; and as mitigating

measures, since they are required to report major security incidents without delay to the

competent authorities to ensure that damage to users, other payment service providers or

payment systems, is kept to a minimum.

5.13 essential from a legal and regulatory standpoint are the substantive and procedural

provisions governing the liability (civil and administrative) established by the psd2 as a

result of infringements by the payment service providers of the provisions of the psd2 and

of national law transposing them.

aloNso ledesma, c. (2018). “los nuevos proveedores de servicios de pagos: una primera aproximación a la segunda directiva de servicios de pagos”, Revista General de Derecho de los Sectores Regulados, 1.

europeaN commissioN (2018). “payment services directive: frequently asked questions”, fact sheet memo/15/5793, 12 January.

GARCÍA RODRÍGUEZ, A. (2012). “La Directiva 2007/64/CE, sobre servicios de pago en el mercado interior, y la nueva figura de las entidades de pago en españa y el reino unido”, Revista de Derecho Bancario y Bursátil (rdbb), No. 128, pp. 183 et seq.

GUTIÉRREZ GILSANZ, J. (2015). “La transferencia y el adeudo domiciliado desde la normativa sobre servicios de pago”, Revista de Derecho Bancario y Bursátil (rdbb), No. 140, pp. 77 et seq.

hualde maNso, t. (2010). “algunas cuestiones de la nueva regulación de los servicios de pago desde la perspectiva de sus usuarios”, Revista Doctrinal Aranzadi Civil-Mercantil, No. 5/2010.

liNares polaiNo, m. (2012). “las entidades de pago y las entidades de dinero electrónico: los cuasibancos”, Derecho Bancario y Bursátil, madrid, pp. 393 et seq.

RAMOS HERRANZ, I. (2012). “Las obligaciones y la responsabilidad de las entidades emisoras de tarjetas (y de sus titulares) tras la directiva y la ley española de servicios de pago”, Revista de Derecho Mercantil, No. 283/2012.

tapia hermida, a. J. (2015). Manual de Derecho del Mercado Financiero, ed. iustel, 1.st edition, madrid.— (2018). “la nueva regulación de las cuentas de pago en la unión europea. la directiva 2014/92/ue y su

trasposición al ordenamiento español mediante el real decreto-ley 19/2017”, La Ley Unión Europea, No. 56, 28 february.

— (2018). “la aplicación de la normativa mifid ii desde el 3 de enero de 2018 y su trasposición al ordenamiento español”, Revista de Derecho Bancario y Bursátil (rdbb), No. 149, pp. 187-202.

— (2018). “las tecnofinanzas (fiNtech). retos a la regulación y a la supervisión financieras”, Revista Iberoamericana del Mercado de Valores (rimv), No. 54 (July), pp. 1 et seq.

REFERENCES

the second payment services directive · 1 see apia t hermida (2018), “las tecnofinanzas...

Documents